package com.demandbreakdown.xiyun.config;

import cn.dev33.satoken.interceptor.SaInterceptor;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
import org.springframework.context.annotation.Configuration;
import org.springframework.lang.NonNull;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * SaToken配置类
 *
 * @author poxz
 */
@Configuration
public class SaTokenConfig implements WebMvcConfigurer {
    /**
     * 添加SaToken拦截器
     *
     * @param registry 拦截器注册中心
     */
    @Override
    public void addInterceptors(@NonNull InterceptorRegistry registry) {
        registry.addInterceptor(new SaInterceptor(handler -> SaRouter.match("/**")
                // 用户认证相关接口放行
                .notMatch("/auth/login", "/auth/register", "/auth/send-captcha", "/auth/forgot-password")
                // 图片相关接口放行给拦截器，由注解控制权限（便于公开查询、受控写操作）
                .notMatch("/picture/**")
                // 健康检查接口放行
                .notMatch("/health/**")
                // API文档相关接口放行
                .notMatch("/doc.html", "/webjars/**", "/swagger-ui/**", "/v3/api-docs/**")
                .notMatch("/swagger-resources/**", "/favicon.ico", "/error", "/actuator/**")
                .notMatch("/swagger-ui.html")
                .check(r -> StpUtil.checkLogin()))).addPathPatterns("/**");
    }

}